SO G6 LSOC SR ANALIST.

Description Assignment*/Full job DescriptionRole Local Security Operation center (LSOC) Analyst Sr Mapping cybersecurity risks and threats from a technical perspective and translating them into products used by 1GNC, by: a. Performing threat analysis from a technical perspective; b. Risk profiling from a technical perspective; c. Ensure the development and evaluation of technical use cases; d. Assessing and identifying use cases from a technical perspective; e. Developing technical use cases and evaluating and proposing improvements; f. Ensure the development and evaluation of threat and vulnerability mitigation measures

• Assessing and identifying threat books from a technical perspective; g. Preparation of highly complex threat books.

• Detects cybersecurity vulnerabilities and threats by: h. Assessment of non-standard change proposals with architecture impact on cybersecurity aspects, including participation in multidisciplinary IM/IT projects; i. Proactively analyzing and interpreting sources to detect IT phenomena that pose a new threat to the provision of services and documenting the findings; j. Ensure (real-time) analysis and interpretation of correlated log data and other sources based on known threats; k. (real-time) Reactive analysis and interpretation of correlated log data and other sources in case of escalation by other analysts.
• Take mitigating measures to address or prevent threats and vulnerabilities of any size and complexity, by: l. Determining the impact of identified threats and vulnerabilities and deciding on mitigation measures to be taken; m. Commissioning of mitigating measures; n. Monitoring of mitigation orders issued; o. Deciding on escalation of vulnerabilities and threats outside the 1GNC;
• Escalating vulnerabilities and threats to NATO/DEU and NLD within the security domain; p. Acting as security disaster manager during working hours q. Identifying business impact indicators.
• Ensures the management of the information, data and processes used within 1GNC: r. Ensuring the operation and quality of the connection of external system content to 1GNC equipment; s. Ensuring the management of the source data used within 1GNC including asset model and network model; t. Ensuring the management of the use case database; u. Ensuring that the relevant processes, procedures and work instructions are kept up to date. v. Establishment of technical maintenance and equipment frameworks within 1GNC; Explanation of the assignment and its objectives Within the G6 branch: ensuring a reliable, effective, secure and interrupted use of all relevant C2IS and CIS-systems in the PHQ and upon activation during operations.
• Additional: Participating in working groups and meetings according to the battle rhythm of 1GNC, acting as information advisor to Chief Information Assurance and as Cyber advisor in the HQ in all aspects of C2 support, CIS, HQ organization as well as information security. The location for this position will be at the HQ 1 GNC (Headquarter), Schlossplatz 15, 48143 Muenster. All tasks related to the job to be executed from 1GNC, Münster, Germany. Candidate should be willing to work in Münster the whole week. Kind request to also try to identify candidates that are already living in Germany, or candidates with a German background. NATO clearances are applicable. Language of instruction is English. Organisation context and culture 1GNC is a multi-national Headquarter environment where military and civilians work close together (that is exempt from VAT). It contains mainly out of German and Dutch personal. Languages within the HQ (Headquarter) is mandatory English, preferable is also German and/or Dutch. Because of this, the CV has to be delivered in English Generic Description of required competence and levels. Implementeert informatiebeveiligingsbeleid. Controleert en onderneemt actie tegen indringers, fraude en beveiligingslekken of lekken. Zorgt ervoor dat beveiligingsrisico’s worden geanalyseerd en beheerd met betrekking tot bedrijfsgegevens en -informatie. Evalueert beveiligingsincidenten, doet aanbevelingen voor beveiligingsbeleid en -strategie om continue verbetering van de beveiliging te garanderen. Summary of Task and Mission Leidt en beheert het beveiligingsbeleid voor organisatie-informatie. Definieert de informatiebeveiligingsstrategie en beheert de implementatie in de hele organisatie. Integreert proactieve bescherming van informatiebeveiliging door de hele organisatie te beoordelen, te informeren, te waarschuwen en op te leiden. Tasks Definieer de strategie en normen voor informatiebeveiliging Draag bij aan de ontwikkeling van het beveiligingsbeleid van de organisatie Beheer beveiligingsaudits Evalueer risico’s, bedreigingen en consequenties Opzetten en beheren van preventie-, detectie-, correctie- en saneringsplannen Informeren en sensibiliseren bij het algemene management en bij alle IT-gebruikers en professionals Voer informatiebeveiligingsoperaties uit